uni login a national educational single sign on solution
Download
Skip this Video
Download Presentation
UNI-login – a national educational single sign on solution

Loading in 2 Seconds...

play fullscreen
1 / 16

UNI-login a national educational single sign on solution - PowerPoint PPT Presentation


  • 250 Views
  • Uploaded on

UNI-login – a national educational single sign on solution. Standards and Interoperability Expert workshop 4.2 February 26 th , 2009 Michael Viskum. UNI • C Denmark´s IT-Centre for Education and Research.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'UNI-login a national educational single sign on solution' - faustus


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
uni login a national educational single sign on solution

UNI-login – a national educational single sign on solution

Standards and InteroperabilityExpert workshop 4.2

February 26th, 2009

Michael Viskum

uni c denmark s it centre for education and research
UNI•C Denmark´s IT-Centre for Education and Research
  • UNI•C, The Danish IT Centre for Education and Research, offers a broad spectrum of ICT services for the educational and research community, and more than 500,000 users are in frequent contact with UNI•C’s products and IT services.
  • UNI•C is an agency to the Danish Ministry of Education. Our core competencies are comprehensive IT solutions for the educational sector - right from the technical connection to pedagogical tools.
  • UNI•C has around 300 employees at 3 locations in Denmark.
uni c s services to education
UNI•C’s services to education
  • Sektornet - including e.g. security solutions
  • UNI•Login
  • Educational websites (EMU and its many services)
  • Intranet / local learning environments
  • Professional development of teachers in the field of ICT integration in education
  • Pupils’ ICT licence
  • Administrative systems
  • Statistics and analyses for the Ministry of Education
  • Hosting and facility management
  • The Danish Research Network
  • IT - Security (e.g. DK•CERT)
  • International collaboration
uni login a single sign on vision
UNI-Login – a Single Sign On Vision
  • To provide a unified login for all IT-services in the Danish educational sector.
  • Current goal is to build a national authentication and authorization framework and provide unified login for web-based services.
towards uni login
Towards UNI-Login

SkoDa and SkoleKom services adapted by UNI-C

UNI•C central user database HUGO was founded

UNI-Login

was born

Single login only

UNI-Login

As a general SSO service

Extended integration with various systems

Year

1995 1997 1999 2001 2003 2005 2007 2009

Users

250.000 500.000 700.000 800.000

SkoDa – database service for schools in Denmark

SkoleKom – mail and conferencing system for schools in Denmark

HUGO – UNI•Cscentral user database

hugo central user database
HUGO – Central user database
  • Centralized user administration for the Danish educational sector.
  • Delegated administration ensures quality of data.
  • Forms the immediate basis for authentication and authorization control for the unified login
  • 2.600 primary and secondary schools
  • 2.600 other institutions (Vocational schools, publishers, museums, municipalities, ministries, etc. )
  • 740.000 children/students
  • 91.000 teachers/employees
first step single login
First step: Single Login
  • HUGO populates a central LDAP-database with passwords and access rights (service codes).
  • Provides the authentication and authorization service called Single Login.
  • Users must login to each service.
  • Basic access rights: user groups
  • Advanced access rights: service codes
single sign on pubcookie solution
Single Sign-On – Pubcookie solution
  • Solution at UNI-C is based on Pubcookie from University of Washington. (www.pubcookie.org)
  • a central login-server.
  • Cookies and passwords are protected by SSL and host domains.
  • No browser extensions required.
  • Platform neutral, both on client and server side.
  • Plug-in modules available for Apache and IIS webservers.
integration of external applications
Integration of external applications
  • In some cases it is not possible or desirable to use Pubcookie directly with a given application (SSL not wanted, external DNS domain).
  • UNI-C has developed an SSO proxy solution.
  • Authentication info is communicated in a short-lived URL-encoded fingerprint.
  • Security model is based on a shared secret.
overview
Overview

Providers webbased service

Providers webbasedlog on page

School

Name

Class

etc.

UserID

UserID

Log on

yes

Infotjenesten (a set of well defined webservices)

Already logged on?

Yes

SSO Proxy

Do userID and passwordmatches?

No

UNI•Logins

log on page

No

uni login what can it be used for
UNI-Login – what can it be used for?

More than 800.000 administrators, teachers and students has a unique id and password. :

  • All children and teachers in the primary schools
  • All publishers of educational content in Denmark
  • All museums
  • Many students and teachers in other educations institutions

The UNI-Login gives access to:

  • national tests by the ministry,
  • online subscriptions by private publishers,
  • video streaming from the National Broadcasting Company (DR),
  • local intranets at school level,
  • local network access at schools and
  • all services at UNI-C.
slide13

EMU and other services from UNI-C

Private publishers

Local intranets at schools

Video streaming (DR)

UNI-Login

Other content providers

National tests

Local network access at schools

Optagelse.dk

13

slide14
External UNI-Login applications
  • abc.dk - [http://abc.gyldendal.dk/]
  • Aschehougs Leksikon - [http://www.ashleks.dk/]
  • Danske dyr - [http://danske-dyr.dk/]
  • Dansk Historie - [http://danskhistorie.dk/]
  • Ekstra Bladet Skole - [http://ekstrabladet.dk/skole]
  • Elevplaner - [http://elevplan.mikrov.dk/]
  • Elevunivers - [http://elevunivers.dk/]
  • Evaluerings System - [http://www.evalueringssystem.dk/]
  • Forlag Malling Beck, Materialehylden - [http://www.materialehylden.dk/]
  • Forlag Malling Beck, MPO - [http://www.mpo.matematik.dk/]
  • Forlag Malling Beck, Vækstpunkter - [https://vpunkt.emu.dk/vpunkt/WStartPage.aspx]
  • Filmstriben - [http://www.filmstriben.dk/skole/]
  • FriLaesning.dk - [http://frilaesning.dk/]
  • Hval - [http://hval.dk/]/
  • Matematikkens Univers - [http://www.matematikkensunivers.dk/]
  • Mingoville - [http://www.dk.mingoville.com/]
  • Praktik+ - [http://www.pplus.dk/]
  • Skole - [http://dr.dk/skole]
  • Skolegloben - [http://www.skolegloben.dk/]
  • SkoleIntra - [http://skoleintra.dk/]
  • Skolenetværket - [http://secure.skolenetvaerket.dk/]
  • Trafiktjekket - [http://trafiktjekket.dk/]
  • UddannelsesGuiden - [http://ug.dk/]
  • Undervisningsbanken - [http://www.undervisningsbanken.dk/]
  • It’s Learning VLE
  • SkoleIntra
next steps
Next steps
  • Improved synchronization of data between HUGO/Data store and external applications
  • Integration of more external applications.
  • Development of a more sophisticated logout model for SSO.
summary
Summary
  • UNI-C has with the UNI-Login deployed a web-based SSO infrastructure for the educational sector
  • Most of our own web-based services are using UNI-Login.
  • Made possible by the central HUGO user database with delegated administration.
  • Has been widely accepted by the educational sector.
ad